Arbitrary Web Script Injection via Symlink Attack in Show In Browser Gem
CVE-2013-2105 · LOW Severity
AV:L/AC:M/AU:N/C:N/I:P/A:P
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.
Learn more about our Web App Pen Testing.